Least Privilege

Systems should be designed in such a way that they run with the least
amount of system privilege they need to do their job. This is the "need
to know" approach. If a user account doesn't need root privileges to
operate, don't assign them in anticipation that it may need them.
Giving the pool man an unlimited bank account to buy the chemicals for
your pool while you're on vacation is unlikely to be a positive
experience.
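
One way to check a host against this rule, as an added example that is not part of the original text: the script below reads passwd and group data and reports accounts that hold root-equivalent access without having been approved for it. The sample data, the ADMIN_GROUPS set and the APPROVED list are constructed assumptions; replace them with the host's own files and review decisions.

```python
# Constructed sample data in /etc/passwd and /etc/group format (not from a real host).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
backup:x:0:0:backup operator:/var/backups:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash
poolsvc:x:1001:1001:pool service:/srv/pool:/usr/sbin/nologin
"""
SAMPLE_GROUP = """\
root:x:0:
sudo:x:27:alice,poolsvc
wheel:x:10:
poolsvc:x:1001:
"""
# Assumption: membership in these groups grants root through sudo or su.
ADMIN_GROUPS = {"sudo", "wheel", "admin"}
# Assumption: accounts reviewed and approved as needing root to do their job.
APPROVED = {"root", "alice"}


def records(text, min_fields):
    """Yield colon-split records, skipping comments, blanks and malformed lines."""
    for line in text.splitlines():
        fields = line.strip().split(":")
        if line.startswith("#") or len(fields) < min_fields:
            continue
        if fields[2].isdigit():
            yield fields


def excess_privilege(passwd_text, group_text, approved=APPROVED):
    """Return sorted (account, reason) pairs for unapproved root-equivalent access."""
    accounts = {f[0]: (int(f[2]), int(f[3])) for f in records(passwd_text, 7)
                if f[3].isdigit()}
    findings = set()
    for name, (uid, _) in accounts.items():
        if uid == 0 and name not in approved:
            findings.add((name, "uid 0"))
    for f in records(group_text, 4):
        group, gid = f[0], int(f[2])
        if group not in ADMIN_GROUPS:
            continue
        members = {m for m in f[3].split(",") if m}
        # Primary-group membership is not listed in the group file's member field.
        members |= {n for n, (_, pgid) in accounts.items() if pgid == gid}
        findings |= {(m, f"member of {group}") for m in members - approved}
    return sorted(findings)


if __name__ == "__main__":
    for account, reason in excess_privilege(SAMPLE_PASSWD, SAMPLE_GROUP):
        print(f"{account}: {reason}")
```

Each finding is either a privilege to remove or an account to add to the approved list after review.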